As containerd becomes more and more widely used, we have to keep up with the pace of the official website.
Before the configuration of https private mirror repository method is more cumbersome, and is not easy to sort out, the following section introduces the latest configuration method.
Configuring the https private mirror repository
I'm assuming that you have a private repository now and that it is https
Again, let's say your harbor domain is
You just need to configure the path to the certificate in /etc/containerd/:
...
[plugins.".".registry]
config_path = "/etc/containerd/"
...
Then create the corresponding directories and files
mkdir -p /etc/containerd//
cat > << EOF
server = ""
[host.""]
capabilities = ["pull", "resolve", "push"]
skip_verify = true
EOF
skip_verify = true means skip TLS verification, change it to false if you want to be more secure, upload the certificate and specify the path.
[root@anilis-k8s-03 ]# ls
Modify the configuration:
cat > << EOF
server = ""
[host.""]
capabilities = ["pull", "resolve", "push"]
skip_verify = false
ca = ""
EOF
Finally restart the containerd
systemctl restart
Pulled the mirrors again and they are all accessible as normal!
If you have other domains to add, then just create the corresponding directory!
Refer to the official website
containerd:
/containerd/containerd/blob/main/docs/cri/
/containerd/containerd/blob/main/docs/
HARBOR Self-visa certificate:
/docs/2.11.0/install-config/configure-https/